Lucene search
K

2852 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.8 views

CVE-2026-13318

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS6AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 10:17 p.m.6 views

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS0.00171EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

UBUNTU-CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS5.8AI score0.0021EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

UBUNTU-CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 9:32 p.m.22 views

CVE-2026-7511 PKCS7_verify signer confusion allows forged signatures to be accepted

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

5.9CVSS0.00171EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 9:32 p.m.4 views

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 9:15 p.m.24 views

CVE-2026-11703 Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 6:52 p.m.5 views

GHSA-2F33-PR97-265Q MessagePack-CSharp: ASP.NET Core MessagePackInputFormatter defaults to TrustedData for HTTP request bodies

Summary The parameterless MessagePackInputFormatter constructor uses default serializer options, which resolve to MessagePackSerializerOptions.Standard with MessagePackSecurity.TrustedData. The formatter is designed for ASP.NET Core MVC request bodies, which commonly cross an HTTP trust boundary...

6.3CVSS5.6AI score0.00236EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 6:38 p.m.6 views

CVE-2026-49980

A flaw was found in Rclone, a command-line program for cloud storage synchronization. When the rcd --rc-serve option is enabled, an unauthenticated remote attacker can send specially crafted GET or HEAD requests to execute arbitrary commands as the Rclone process user. This vulnerability allows f...

9.8CVSS6.5AI score0.00701EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/06/25 12:38 p.m.9 views

USN-8474-1: NSD vulnerabilities

It was discovered that NSD incorrectly handled APL resource records with an address length larger than permitted for the address family. A remote attacker could use this to cause a stack-based buffer overflow when the zone is written to disk, potentially executing arbitrary code with the privileg...

8.8CVSS6.6AI score0.00303EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39182

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 7:16 a.m.4 views

ALPINE-CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 7:16 a.m.9 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS0.00303EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:24 a.m.6 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 5:24 a.m.34 views

CVE-2026-12244 Heap overflow and crash with crafted SVCB RR

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS0.00303EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 5:24 a.m.5 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS5.9AI score0.00303EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52209

Name of the Vulnerable Software and Affected Versions NSD affected versions not specified Description A heap overflow occurs when NSD is configured as a secondary for a zone. A primary server can crash the system by sending an AXFR containing a DNS message with a specially crafted SVCB RR Resourc...

8.8CVSS6AI score0.00303EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52622

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A signer confusion issue in PKCS7 verify allows for forged signatures. This occurs because the signer associated with a signature is not correctly bound, which...

7.5CVSS5.7AI score0.00171EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52591

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where SNI Server Name Indication and ALPN Application-Layer Protocol Negotiation bindings are missing during stateful session-ID resumption. This...

7.5CVSS5.7AI score0.0021EPSS
Exploits0References7
Rows per page
Query Builder